kubectl Cheat Sheet 2026 [Deep Dive] Platform Ops Guide

kubectl remains the control surface most platform engineers touch every day, whether they are inspecting pods, diffing manifests, debugging nodes, or switching kubeconfig contexts. This 2026 cheat sheet is optimized for speed: broad command coverage, short explanations, and copy-ready examples. Where it matters, it tracks the official Kubernetes generated command reference and current shell-completion guidance from kubernetes.io.

The Short Version

If you only memorize a handful of patterns, make them get, describe, logs, apply, rollout, config, wait, diff, and debug. Those cover most day-two cluster operations without leaving the terminal.

Live Search Filter

Use this filter to narrow command groups in-place. It matches command names, resource types, and common tasks such as logs, rollout, context, RBAC, and JSONPath.

Filter commands

Showing all command groups.

Keyboard Shortcuts

Strictly speaking, kubectl has commands, flags, and completion rather than built-in editor shortcuts. In practice, these shell and readline moves are what make kubectl fast. Pair them with kubectl completion and an alias like k.

Shortcut	What it does	Why it matters for kubectl
`Tab`	Triggers shell completion	Completes resource names, flags, and subcommands when kubectl completion is loaded.
`Ctrl-r`	Reverse search shell history	Find that long kubectl get or kubectl exec line instead of retyping it.
`Ctrl-a`	Jump to start of line	Useful when prepending `watch` , `time` , or a namespace flag.
`Ctrl-e`	Jump to end of line	Fast when appending `-o yaml`, `--context`, or `--dry-run=client`.
`Alt-b` / `Alt-f`	Move backward or forward by word	Handy for editing long resource selectors and JSONPath expressions.
`!!`	Repeats previous command	Useful after realizing the last command only needed `sudo`, `watch`, or a redirected output.
`!$`	Inserts last argument from previous command	Great when reusing a pod or namespace name in the next kubectl invocation.
`alias k=kubectl`	Short alias	The single highest-leverage speedup, especially combined with completion.

Inspect and Query

These are the commands you reach for first: list what exists, inspect one object deeply, and shape output for human or script consumption.

Inventory, describe, and inspect

get is the default entry point. Add -A for all namespaces, -o wide for operator-friendly output, and describe when you need events, conditions, mounts, probes, or scheduling detail.

kubectl get pods -A
kubectl get deploy -n prod -o wide
kubectl get svc,ingress -A
kubectl describe pod api-7c6d9b6d9f-r8x5m -n prod
kubectl get events -A --sort-by=.metadata.creationTimestamp
kubectl top pods -A
kubectl top nodes

Output shaping and API discovery

When default tables are not enough, switch to -o yaml, -o json, jsonpath, or custom columns. Then use api-resources and explain to discover types and schema paths without leaving the CLI.

kubectl get pods -n prod -o yaml
kubectl get pods -A -o jsonpath='{range .items[*]}{.metadata.namespace}{"/"}{.metadata.name}{"\n"}{end}'
kubectl get nodes -o custom-columns=NAME:.metadata.name,VERSION:.status.nodeInfo.kubeletVersion
kubectl get pods -A -l app=api
kubectl get pods -A --field-selector=status.phase=Running
kubectl api-resources
kubectl explain deployment.spec.template.spec.containers

Create and Change

For day-to-day delivery work, the core flow is create, apply, replace, delete, and rollout. Use dry runs and diffs before touching production objects.

Manifests, patching, and lifecycle

apply is still the dominant path for declarative changes. For small one-off edits, label, annotate, patch, and set image are faster than editing files. If you need to clean up or share YAML snippets first, the TechBytes Code Formatter is a practical companion.

kubectl apply -f k8s/
kubectl apply -f deploy.yaml --dry-run=client -o yaml
kubectl diff -f k8s/
kubectl create namespace staging
kubectl label ns staging owner=platform
kubectl annotate deploy api release=2026-04-06
kubectl set image deploy/api api=ghcr.io/acme/api:2026.04.06 -n prod
kubectl patch deploy api -n prod -p '{"spec":{"replicas":4}}'
kubectl delete -f old-manifests/
kubectl delete pod broken-pod -n prod --force --grace-period=0

Rollouts and scaling

When deployment state changes, these are the commands that matter most. rollout status confirms progress, rollout history shows revisions, and rollout undo gives you a quick rollback path.

kubectl rollout status deploy/api -n prod
kubectl rollout history deploy/api -n prod
kubectl rollout undo deploy/api -n prod
kubectl rollout restart deploy/api -n prod
kubectl scale deploy/api --replicas=5 -n prod
kubectl autoscale deploy/api --min=3 --max=10 --cpu-percent=70 -n prod

Troubleshoot and Debug

When something is failing, move from cheap reads to invasive actions: logs, describe, events, exec, port-forward, then debug if you need an ephemeral troubleshooting environment.

Logs, shells, and local tunnels

Most incidents start here. Read recent logs, follow a stream, open a shell, or forward traffic to your laptop to inspect an internal service without exposing it externally.

kubectl logs deploy/api -n prod --tail=200
kubectl logs pod/api-7c6d9b6d9f-r8x5m -n prod -f
kubectl logs deploy/api -n prod -c sidecar
kubectl exec -it deploy/api -n prod -- sh
kubectl cp -n prod api-7c6d9b6d9f-r8x5m:/tmp/profile.out ./profile.out
kubectl port-forward svc/api 8080:80 -n prod
kubectl describe pod api-7c6d9b6d9f-r8x5m -n prod
kubectl get events -n prod --sort-by=.lastTimestamp

Ephemeral debugging and node access

The official kubectl debug command now covers the common paths platform teams care about: attach an ephemeral container to a pod, create a copy for inspection, or land on a node for host-level investigation.

kubectl debug pod/api-7c6d9b6d9f-r8x5m -n prod -it --image=busybox:1.36
kubectl debug deploy/api -n prod --copy-to=api-debug --image=ubuntu:24.04 -it
kubectl debug node/ip-10-0-12-34 -it --image=ubuntu:24.04
kubectl get pod api-debug -n prod -o wide

Configuration and Contexts

Kubeconfig mistakes cause a disproportionate amount of pain. The important loading rule remains simple: --kubeconfig wins, then $KUBECONFIG, then the default ~/.kube/config. Build habits that make the active context obvious before every destructive command.

Contexts, users, and kubeconfig hygiene

current-context should be muscle memory. Also note that kubectl config view --raw can expose credentials and certificate data; if you need to share a config fragment for debugging, run it through the TechBytes Data Masking Tool first.

kubectl config current-context
kubectl config get-contexts
kubectl config use-context prod-us-east-1
kubectl config set-context --current --namespace=payments
kubectl config view
kubectl config view --raw
kubectl config get-users
kubectl config get-clusters

Completion and aliases

Official Kubernetes docs still recommend evaluating or sourcing the generated completion script for your shell. Once that is in place, aliasing k to kubectl is the easiest productivity win on the board.

alias k=kubectl
source <(kubectl completion bash)
kubectl completion zsh > "${fpath[1]}/_kubectl"
kubectl completion fish > ~/.config/fish/completions/kubectl.fish
kubectl completion powershell | Out-String | Invoke-Expression

Advanced Usage

This is the section that separates basic familiarity from confident platform operation: waiting on conditions, previewing drift, checking RBAC, querying raw endpoints, and building script-friendly output.

Safe automation patterns

kubectl diff is especially useful in CI because it returns a distinct exit code when differences are found. Pair it with wait and auth can-i to turn ad hoc checks into repeatable preflight steps.

kubectl wait --for=condition=Available deploy/api -n prod --timeout=120s
kubectl wait --for=condition=Ready pod -l app=api -n prod --timeout=120s
kubectl diff -f k8s/
kubectl auth can-i create deploy -n prod
kubectl auth can-i get pods --subresource=log -n prod
kubectl auth can-i --list -n prod

Cluster operations and lower-level access

For platform engineering work, you eventually need to cross the line from app resources to cluster mechanics: node scheduling controls, API probing, and watch-style inventory commands that feed scripts or incident workflows.

kubectl get pods -A --watch
kubectl get pods -A --chunk-size=200
kubectl get --raw /readyz?verbose
kubectl cordon ip-10-0-12-34
kubectl drain ip-10-0-12-34 --ignore-daemonsets --delete-emptydir-data
kubectl uncordon ip-10-0-12-34
kubectl taint nodes ip-10-0-12-34 maintenance=true:NoSchedule
kubectl taint nodes ip-10-0-12-34 maintenance=true:NoSchedule-
kubectl label node ip-10-0-12-34 nodepool=blue

The cheat-sheet mindset is simple: optimize for patterns, not memorization. If you know how get, describe, apply, rollout, config, wait, diff, and debug fit together, the rest of kubectl becomes discoverable.